The present invention relates to a secret information service system and method, and more particularly to a secret information service system and method wherein an information service station enciphers information to be supplied by using an ID key for information destination subscribers, and a receiving station deciphers the information by using the same ID key.
As societies become overflowing with more and more information, information service is now available through broadcast communications via a satellite, local area network (LAN), cable television network (CATV) and the like. For information communications service, it is important that various information such as movies, news, market information, investment information, and software is required to be supplied correctly and sufficiently to subscribers. It is also important that secret information or highly value-added information should not be leaked to any third parties.
In communications having a broadcast function such as satellite communications, signals transmitted at a physical level reaches basically all receiving stations. In order to regulate information destination stations in broadcast communications, it is effective if cryptographic communications are carried out.
As well known, in cryptographic communications, a transmitter enciphers a plaintext by using an enciphering key, and a receiver receives the ciphertext and deciphers it into the plaintext to obtain the original information. The enciphering key is in one-to-one correspondence with the deciphering key, and only a person possessing the deciphering key can decipher the ciphertext in cryptographic communications. A person not having the deciphering key cannot decipher the ciphertext so that cryptographic communications are not available.
By using such characteristics of cryptographic communications, it becomes possible to regulate information destination stations. Namely, a ciphertext is broadcast after a plurality of limited destination stations only are permitted to have a deciphering key. With such an arrangement, original information is allowed to be accessed only by authorized destination stations. Although physical signals are received by unauthorized stations, they have not a deciphering key so that the original information cannot be accessed. Cryptographic limited broadcast communications are associated with the following problem. In ordinary broadcast communications, there are several to ten thousands receiving stations and a great number of types of information to be supplied.
Different stations desire to receive different types of communications and information. Therefore, an information service station is required to prepare a great number of reception patterns. Each time a different reception pattern is used, a deciphering key at a receiving station must be changed, resulting in a large burden on the information service station.
A conventional technique dealing with such a problem is disclosed as a secret key sharing unit for 1:N uni-directional communications.
FIG. 1 shows the system using the secret key sharing unit according to this disclosed art.
In this known art, 1:N (N.gtoreq.2) communications are carried out in the following manner. In dual-directional secret communications among three or more receiving stations, each receiving station independently inputs all identification codes ID other than its own identification code ID to an input terminal 2701 of its own secret key sharing unit CR. Assuming that the group members include users A, B, and C. User A inputs identification codes IDB and IDC of users B and C other than its own identification code ID to the input terminal 2701 of the secret key sharing unit CR. Basing on the identification codes IDB and IDC inputted from the input terminal 2701. One way functions F(IDB) and F(IDC) are generated by a one way function F(*) generator 2702 having the structure common to all users. The generated functions are not inputted to a function comparator 2704, but are added by a modulo-2 adder 2709 to a random number R common to all users of network or data communication systems and inputted beforehand in a third memory 2708 and to a one way function F(IDA), thereby obtaining a one way function value ro: EQU ro=R.sym.F(IDA).sym.F(IDB).sym.F(IDC)
The one way function value ro is inputted to a one way function f(*) generator 2706 having the function common to all users to obtain a secret key K.sub.ABC =f(ro) which is outputted from an output terminal 2707. User A is allowed to carry out secret communications by using the secret key K.sub.ABC specific only to user A.
Similarly, user B inputs identification codes IDA and IDC of users A and C other than its own identification code ID to an input terminal 2701 of the secret key sharing unit CR. Basing on the identification codes IDA and IDC inputted from the input terminal 2701. One way functions F(IDA) and F(IDC) are generated by a one way function F(*) generator 2702 having the structure common to all users. The generated functions are not inputted to a function comparator 2704, but are added by a modulo-2 adder 2709 to a random number R common to all users of network or data communication systems and inputted beforehand in a third memory 2708 and to a one way function F(IDA), thereby obtaining a one way function value ro: EQU ro=R.sym.F(IDB).sym.F(IDA).sym.F(IDC)
The one way function value ro is inputted to a one way function f(*) generator 2706 having the structure common to all users to obtain a secret key K.sub.ABC =f(ro) which is outputted from an output terminal 2707. User B is allowed to carry out secret communications by using the secret key K.sub.ABC specific only to user A.
User C inputs identification codes IDA and IDB of users A and B other than its own identification code ID to an input terminal 2701 of the secret key sharing unit CR. Basing on the identification codes IDA and IDB inputted from the input terminal 2701. One way functions F(IDA) and F(IDB) are generated by a one way function F(*) generator 2702 having the structure common to all users. The generated functions are not inputted to a function comparator 2704, but are added by a modulo-2 adder 2709 to a random number R common to all users of network or data communication systems and inputted beforehand in a third memory 2708 and to a one way function F(IDA), thereby obtaining a one way function value ro: EQU ro=R.sym.F(IDB).sym.F(IDA).sym.F(IDC)
The one way function value ro is inputted to a one way function f(*}generator 2706 having the structure common to all users to obtain a secret key K.sub.ABC =f(ro) which is outputted from an output terminal 2707. User C is allowed to carry out secret communications by using the secret key K.sub.ABC specific only to user A.
The detail of this conventional system is described in Japanese Patent Laid-open Publication JP-A-63-280530.